Born in Pasay, spent some childhood in San Juan, then stayed in Antipolo while studying in Pasay. Transferred after to "Poland" then studied in Mandaluyong. Worked in various places such as Ayala (Makati), Kapitolyo & Ortigas (Pasig), Libis & Aurora (Quezon City), and Antipolo and lately Cebu Cityyyyy!!! Yes, maayo man. Gimingaw ko nimo.

If you can see this, your browser doesn't
understand IFRAME. However, we'll still
link
you to the file.

Adgitize

Monday, June 25, 2007

Sorry guys, I'm been very out recently... out in the midst of our very forested home (lott'sa trees in our lot) just spending playful time with my sister's kids who crash my computer from time to time. Hehehe...

Anyway, what this blog concerns me right now is the prevalence of worms, trojans and viruses I'm encountering daily despite the updates I checked on desktop and notebook computers at work. More than that, I've been continuously receiving emails from somebody I perceive that the user didn't even know that her mailbox automatically sent those.

Here's the rest of the story...

Trojans

The most common in this arena would be "HTML/Phishing.gen" and its so common that I'm already pissed about it. Hahahaha. On NOD32's website, "HTML/Phishing.gen" comes in a variety of names. Smithfraud, Bankfrand, etc., You name it! All those financial-type emails requesting you to update something based on the link provided on the email. Well, yeah correct link. Just putting your mouse over that link before clicking it means a difference. It's another link though: so careful please!

Like their biological cousins, computer viruses still do need a host to deliver a payload on the intended (or rather random) recipient. Not much to tell about here, but I'm pretty sure there's plenty lurking out there.

SpyBot is such a good tool that when combined with your default A/V (I prefer BitDefender, McAfee, Sophos and Trend Micro though I consider Eset's NOD32 the best), an anti-spyware tool (Lavasoft's Ad-Aware).

TIP #1: Whenever you're having a hard time removing files, why not try a "Safe Mode with Command Prompt". From there, you can remove the unwanted files created by all the badwares.

TIP #2: Hating to wait till your computer finishes loading those processes everytime you bootup? There's a tool available from Microsoft called "Autoruns" and it will help you determine which of these processes are legitimate and can be disabled. It can also be used to remove all the nastly entries worms, trojans and viruses inserted. Combined with "Process Explorer", it will be an effective tool (call it "dynamic duo") in killing those processes and removing them after. Click here for more details. Just a word of concern: do things the intelligent way, or else you might end up reformatting your computer.

TIP #3: If possible, disable System Restore because Windows backs up your files on a certain folder on your computer. So everytime you clean your computer, infected files are also backed up, leaving another opportunity that once restored - the badwares would be present again in your computer. McAfee Threat Center has details on this. You may go there by clicking here.

Sites to Avoid(If you're using Yahoo! Messenger and a friend or somebody sent you a message, asking you to visit these sites, please don't - they're nasty conveyors of badwares)

72.29.67.138

danhba24h.com

decore.biz

drantispy.com

hiddenprofiles.net

nhatquanglan6.t35.com

quicknews.info

spylocked.com

t35.com

taiwan-cool.com

thecoolpics.com

thecoolpics.net

Lastly, for the auto-email sender, its a Win32/VB.NEI worm. A simple Google search would yield hundeds of results for the Win32/VB.NEI worm. Here's a transcript of the actual email sent to me: